<?php
session_start();
include '../comm/config.php';
include '../comm/checkpostandget.php';
include '../comm/msgset.php';
$nonames=array('网站客服');

if($_GET['jihuo']!=''){
    $code=base64_decode($_GET['jihuo']);
	$code_arr=explode('#',$code);
	$sql="select ddusername,jihuo from ".$BIAOTOU."user where Id=".$code_arr[0];
	$query=mysql_query($sql);
	$row=mysql_fetch_array($query);
	if($row['jihuo']==1){
	    echo "<script language=javascript>window.location='error.php?id=34';</script>";  //无需激活
	    exit;
	}
	elseif($row['jihuo']==0){
	    $sql="update ".$BIAOTOU."user set jihuo=1 where Id=".$code_arr[0];
		$query=mysql_query($sql);
		echo "<script language=javascript>alert('激活成功，从新登陆网站！');window.location='login.php';</script>"; 
	    exit;
	}
}

function reg_name($name,$min=3,$max=15,$shield_arr=array()){
	$strl=strlen($name);
	if($strl<$min or $strl>$max){
	    return -1; //用户名不合法
	}
	if(!empty($shield_arr)){
	    foreach($shield_arr as $v){
	        if(strstr($name,$v)!=''){
			    return -2; //包含非法词汇
	        }
	    }
	}
	$pcre_name = "/^[A-Za-z0-9_\.\-@\x80-\xff]+$/"; //utf-8
	//$pcre_name = "/^[a-z0-9_".chr(0xa1)."-".chr(0xff)."]+$/"; //gbk
    if(preg_match($pcre_name,$name)){
        return 1;
    }else{
        return -1;  //用户名不合法
    }
}

$tjr = $_SESSION["tjr"];
$name = trim($_POST['username']);
$pwd = trim($_POST['password']);
$md5pwd = md5($pwd);
$email = $_POST['email'];
$qq = $_POST['qq'];
$from = trim($_POST['from']);
$yzm = trim($_POST['yzm']);
$api=$_POST['api']?$_POST['api']:$_GET['api'];
$need_jihuo=0; //注册后是否需要激活
$ip=get_client_ip();

if(REGBETWEEN>0){
    $sql="select regtime from ".$BIAOTOU."user where regip='".$ip."' order by id desc limit 1";
	$query=mysql_query($sql);
	$row=mysql_fetch_array($query);
	$regtime=$row['regtime'];
	$regtime=strtotime($regtime);
	if(time()-$regtime<REGBETWEEN*3600){
	    echo "<script language=javascript>alert('".REGBETWEEN."小时内不可重复注册！');history.go(-1)</script>";
	    exit;
	}
}


$orther_web = trim($_POST['orther_web']);
$orther_web_id = trim($_POST['orther_web_id']);
$orther_web_name = trim($_POST['orther_web_name']);

if($name!='' && reg_name($name)<0){
    echo "<script language=javascript>alert('用户名不合法');history.go(-1)</script>";
	exit;
}

if($orther_web_name!='' && reg_name($orther_web_name)<0){
    echo "<script language=javascript>alert('用户名不合法');history.go(-1)</script>";
	exit;
}

//phpwind
$referer = trim($_POST['referer']);

if(APIREG==1){
    if($yzm!=$_SESSION["code"] || $yzm=='' || $_SESSION["code"]==''){
	    echo "<script language=javascript>window.location='error.php?id=31';</script>";
	    exit;
    }
}

if($_GET['orther_web_name']!='' && $_GET['orther_web_id']!=''){ //当注册方式为第三方自动注册
    $apireg=$_GET['apireg'];
	$apireg=authcode($apireg,'DECODE');
	if($apireg!='auto'){
	    exit('参数错误');
	}
	$orther_web = trim($_GET['orther_web']);
    $orther_web_id = trim($_GET['orther_web_id']);
    $orther_web_name = trim($_GET['orther_web_name']);
	
	$name=utf_substr($orther_web_name,10);
    $pwd = abs(crc32($dbpass.$orther_web_id));
    $md5pwd = md5($pwd);
    $email = $pwd.'@email.com';
    $qq = 11111;
	
	$yzm=$_GET['yzm'];
	if($yzm=='' || $yzm!=$_SESSION["yzm"]){
	    echo "<script language=javascript>window.location='error.php?id=31';</script>";
	    exit;
	}
}

unset($_SESSION["code"]);
unset($_SESSION["yzm"]);

if($orther_web || $orther_web_id || $orther_web_name){
    if (!$orther_web || !$orther_web_id || !$orther_web_name) {
	    echo "缺少必要参数";
	    exit;
    }
}

$sj=date('Y-m-d H:i:s');

if ($name == "" || $pwd == "" || $qq=='') {
	echo "<script language=javascript>window.location='error.php?id=0';</script>";
	exit;
}
//2012-06-26邮箱检测
if(!preg_match('/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/',$email)){
	echo "<script language=javascript>window.location='error.php?id=37';</script>"; //邮箱不合法
	exit;
}
//2012-06-26QQ检测
if(!preg_match('/^[1-9][0-9]{4,}$/',$qq)){
	echo "<script language=javascript>window.location='error.php?id=38';</script>"; //邮箱不合法
	exit;
}

if(in_array($name,$nonames)){
    echo "<script language=javascript>window.location='error.php?id=21';</script>"; //包含不允许注册的词语
	exit;
}

if (UC == 1) {
	include '../data/config.inc.php';
	include '../uc_client/client.php';

	/////////////////////////////////////
	$uc_name = iconv("utf-8", "utf-8", $name);
	$uid = uc_user_register($uc_name, $pwd, $email);
	/////////////////////////////////////

	if ($uid == -1) {
		echo "<script language=javascript>window.location='error.php?id=22';</script>"; //用户名不合法
		exit;
	}
	elseif ($uid == -2) {
		echo "<script language=javascript>window.location='error.php?id=21';</script>"; //包含不允许注册的词语
		exit;
	}
	elseif ($uid == -3) {
		echo "<script language=javascript>window.location='error.php?id=1';</script>"; //对不起，该用户名已经被注册，请更换一个重新注册
		exit;
	}
	elseif ($uid == -4) {
		echo "<script language=javascript>window.location='error.php?id=25';</script>"; //Email 格式有误
		exit;
	}
	elseif ($uid == -5) {
		echo "<script language=javascript>window.location='error.php?id=26';</script>"; //Email 不允许注册
		exit;
	}
	elseif ($uid == -6) {
		echo "<script language=javascript>window.location='error.php?id=20';</script>"; //该 Email 已经被注册
		exit;
	}
}

if(mysql_ping($cfg_link)==''){
	mysql_close($cfg_link);
    $cfg_link = mysql_connect($dbserver, $dbuser, $dbpass);
	if(mysql_error()!=''){echo mysql_error();echo 'link error';exit;}
	mysql_select_db($dbname);
    mysql_query("set names utf8");
}
else{
    $cfg_link = mysql_connect($dbserver, $dbuser, $dbpass);
	if(mysql_error()!=''){echo mysql_error();echo 'link error';exit;}
	mysql_select_db($dbname);
    mysql_query("set names utf8");
}

if (UC == 0) {
	$qz = "SELECT count(*) FROM " . $BIAOTOU . "user where ddusername='" . $name . "'";
	$rs = mysql_query($qz);
	$t = mysql_fetch_array($rs);
	//向phpwind注册
    $windconfig = get_phpwind_config();
    if ($windconfig['open'] == 'on') {
        $sta = reg_phpwind($name, $email, $pwd, $windconfig);
        if ($sta == -1) {
            echo "<script language=javascript>window.location='error.php?id=34';</script>"; //不能与论坛整合
            exit;
        }
    }
	if ($t[0] > 0) {
		echo "<script language=javascript>window.location='error.php?id=1';</script>"; //对不起，该用户名已经被注册，请更换一个重新注册
		exit;
	}
	$uid = 'NULL';
}

if(EMAILJIHUO==0){
    $jihuo=1;
}
else{
    $jihuo=0;
}
$insert = "INSERT INTO " . $BIAOTOU . "user(Id,ddusername,ddpassword,email,qq,regtime,regip,lastlogintime,loginnum,tjr,pass_question,pass_answer,money,jifen,dengji,jihuo) values ($uid,'$name','$md5pwd','$email','$qq','$sj','$ip','$sj',1,'$tjr','$question','$answer','" . ZHUCESONG . "','" . ZSJIFEN . "'," . ZHUCESONGLEVEL . ",$jihuo)";
mysql_query($insert);
echo mysql_error();
if (UC == 0) {
	$uid = mysql_insert_id();
}
$tg = round(TGBL / FXBL * 100, 2);
$msg_zhuce = str_replace("[name]", $name, $msg_zhuce);
$msg_zhuce = str_replace("[WEBTITLE]", WEBTITLE, $msg_zhuce);
$msg_zhuce = str_replace("[tg]", $tg, $msg_zhuce);
$insert = "INSERT into " . $BIAOTOU . "msg(ddusername,title,content,addtime,senduser) values ('$name','欢迎注册" . WEBTITLE . "','" . $msg_zhuce . "','" . $sj . "','网站客服')";
mysql_query($insert);
if($orther_web){
    $insert="insert into ".$BIAOTOU."apilogin(dduserid,ortheruserid,ortherusername,ortherwebname,time) values ('$uid','$orther_web_id','$orther_web_name','$orther_web','$sj')";
	mysql_query($insert);
}

if (ZHUCESONG != 0) {
	$insert = "INSERT INTO " . $BIAOTOU . "mingxi(ddusername,shijian,je,addtime,memo) values ('" . $name . "','注册赠送','" . ZHUCESONG . "','" . $sj . "','注册赠送金额" . ZHUCESONG . "元')";
	mysql_query($insert);
	$msg_zhucesong = str_replace("[ZHUCESONG]", ZHUCESONG, $msg_zhucesong);
	$insert = "INSERT into " . $BIAOTOU . "msg(ddusername,title,content,addtime,senduser) values ('$name','注册赠送','" . $msg_zhucesong . "','$sj','网站客服')";
	mysql_query($insert);
}

if(JIFENOPEN==1 && ZSJIFEN>0){
    $insert = "INSERT INTO " . $BIAOTOU . "mingxi(ddusername,shijian,jifen,addtime,memo) values ('" . $name . "','注册赠送积分','" . ZSJIFEN . "','" . $sj . "','注册赠送积分" . ZSJIFEN . "')";
	mysql_query($insert);
	$msg_zsjifen = str_replace("[ZSJIFEN]", ZSJIFEN, $msg_zsjifen);
	$insert = "INSERT into " . $BIAOTOU . "msg(ddusername,title,content,addtime,senduser) values ('$name','注册赠送积分','" . $msg_zsjifen . "','$sj','网站客服')";
	mysql_query($insert);
}

if(SMTPOPEN=='on' && REGSENDEMAIL==1){
	$jihuo_code=urlencode(base64_encode($uid.'#'.$name.'#'.$md5pwd));
	$jihuo_url='http://'.URL.'/user/savereg.php?jihuo='.$jihuo_code;
	if(EMAILJIHUO==1){
		$msg_zhuce.='<br/>您的网站激活链接<a href='.$jihuo_url.'>'.$jihuo_url.'</a>';
		$from="email_jihuo.php?e=".urlencode($email);
		$need_jihuo=1;
	}
    mail_send($email, WEBTITLE.'欢迎您的到来', $msg_zhuce);
	
}

if($need_jihuo==0){
    $_SESSION['duoduouser'] = $name;
    $_SESSION["dduserid"] = $uid;
    $_SESSION["dduserlevel"] = ZHUCESONGLEVEL;
    setcookie("ddusername", $name, time() + 1000 * 24 * 60 * 60, "/", SURL);
    setcookie("ddpassword", $md5pwd, time() + 1000 * 24 * 60 * 60, "/", SURL);
}


//论坛同步登录
if ($windconfig['open'] == 'on') {
    if ($from!='') {
        $url = 'windpage.php?from='.$from;
    } else {
        $url = 'windpage.php';
    }
    phpwind_login($name, $pwd, $url, $windconfig, 2);
    exit;
} 
else {
    if ($from!='') {
        echo "<script language=javascript>window.location='" . $from . "';</script>";
    } else {
        echo "<script language=javascript>window.location='center.php';</script>";
    }
}
mysql_close();
?>
